DSFederal, Inc. is seeking a qualified Information Assurance Analyst (IAM I) to support a defense logistics information technology program. This program is responsible for sustaining and modernizing a family of logistics and supply chain management systems and applications. This position requires a motivated, team player with a detail driven personality that works well supporting a diverse staff across multiple functional areas and locations. This position will work with both government and contractor staff. Individuals must be able to collaborate, present, and disseminate technical and non-technical information to peers, customers, and external agencies as required.
Job Duties/Responsibilities
- Support cybersecurity tasks for program applications, components, and sub-components.
- Assist with tracking, updating, and coordinating information related to Change Requests as they impact cybersecurity activities.
- Follow cybersecurity processes and procedures to protect US Government sensitive information.
- Update cybersecurity documentation in accordance with DOD policy and instruction as required by the ISSM and upload that documentation to a location identified by the ISSM where it is accessible to authorized individuals.
- Verify and validate that security updates and patches are tested and applied to software and operating systems.
- Review information assurance vulnerability management (IAVMs), communications tasking orders (CTOs), operational directives (OPDIRs), vulnerability alerts, and vendor notifications to determine applicability to systems and to assess impact and provide assessment to the ISSM.
- Track, report status, and provide remediation suggestions for identified vulnerabilities.
- Participate in cybersecurity discussions and vulnerability assessment scan reviews and provide technical guidance and solutions implementing cybersecurity best practices which will increase the security of the system and mitigate or eliminate vulnerabilities.
- Generate, review, and update cybersecurity documentation as required by risk management framework (RMF) processes.
- Support all activities required for maintaining the authority to operate (ATO) and Federal Information Security Management Act (FISMA) compliances. These activities include, but are not limited to, Annual Security Reviews, Annual Security Control testing, Annual Contingency Plan testing, and quarterly update and submission of a quarterly Plan of Action and Milestones (POA&M).
- Support cyber readiness inspections (CRI) and IV&V events as required. This includes but is not limited to; reviewing and updating systems security documentation, performing pre-assessment scans, analyzing vulnerability scan results, analyzing and updating configuration documentation, evaluating STIGs, evaluating test results, preparing and reviewing POA&Ms, and providing remediation options for vulnerabilities. All vulnerabilities shall be identified in the Security POA&M.
- Minimum 2 years of information assurance/cybersecurity experience with DoD military automated information systems and information technology.
- Must possess an active Public Trust Clearance or higher.
Required Technical Skills:
- Knowledge of DoD cybersecurity processes and procedures.
- Knowledge of common cybersecurity threats, vulnerabilities, and attack vectors, including malware, phishing, social engineering, and network attacks.
- Familiarity with security tools and technologies, such as firewalls, intrusion detection/prevention systems, antivirus software, and vulnerability scanners
- Good analytical and problem-solving skills to identify security risks, analyze logs and security events, and propose effective solutions.
Education Requirements:
- HS Diploma or equivalent
Required Certifications:
- Security (+) Plus Certification.
Desired Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Ethical Hacker (CEH)
- Certified Authorization Professional (CAP)
- CompTIA Advanced Security Practitioner (CASP)
- GIAC Security Leadership Certificate (GSLC)
Who We Are:
DSFederal is a leader in health IT and data analytics that delivers innovative solutions to improve healthcare delivery and address critical challenges, including cancer surveillance, HIV/AIDS, maternal and child health, and COVID-19 emergency response. Our highly experienced professionals serve over 50 different federal clients on over 80 projects. Our people are united by one mission – to empower federal agencies to achieve their mission by connecting the dots between data, people, and technology to derive insights that help improve federal policies and decisions.
What We Can Offer You:
DSFederal attracts the best people in the business with our competitive benefits package that includes medical, dental and vision coverage, 401k plan with employer contribution, paid holidays, vacation, and more. If you enjoy being a part of a high performing, professional services, and technology focused organization, we encourage you to apply!
Our Core Values:
Collaborative, Curious, Impactful, Invested, Reliable, Trusted
EEO Statement:
DSFederal is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.
E-Verify Statement:
DSFederal utilizes the E-Verify program for every potential new hire. This makes it possible for us to confirm that every employee who works for DS Federal is eligible to work in the United States. To learn more about E-Verify you can call 1-800-255-7688 or visit their website by clicking the logo below. E-Verify® is a registered trademark of the United States Department of Homeland Security.
#LI-LP1